Configure an Application or Service to Send Messages to Your Skill

The third party application back-end that corresponds to the skill you are building needs authorization to send messages to your skill. You get this authorization by obtaining an access token. To obtain an access token, the developer's server issues a POST request on an HTTPS connection.

Note: These requests require the ClientId and ClientSecret values for your skill. To obtain these, go to the list of skills in the developer console. Those skills that have the appropriate permissions will show the link View Skill ID and Client Secret. When you click this link, the Skill ID, Client ID, and Client Secret appear in a popup message. Copy these values for later use.

Response Parameters

The duration in seconds of the access token lifetime. For example, 3600 denotes that the access token expires in one hour from the time the response was generated.

"expires_in":3600

scope

The scope specified in the access token request. Value will be alexa:skill_messaging.

"scope":"alexa:skill_messaging"

token_type

The type of the token issued. Only Bearer tokens are supported.

"token_type":"Bearer"

If your request is not successful, you will receive a non-200 error
status code. In the case of a non-200 code, the response message may
contain the following parameter in the body of the JSONObject:

reason: « The reason the request was not accepted. »

Errors

Status Code

Type

Description

400

INVALID_REQUEST

Reasons for this response include:
- The content type is not supported by the authorization server. In other words, it is not application/x-www-form-urlencoded.
- The request is missing a required parameter: grant-type, scope, client_id, client_secret.
- The request is otherwise malformed.

400

UNAUTHORIZED_CLIENT

The client is not authorized for the requested operation.

400

UNSUPPORTED_GRANT_TYPE

The grant type is not supported by the authorization server. In other words, it is not client_credentials.

400

INVALID_SCOPE

The requested scope is invalid, which means it is not alexa:skill_messaging.

401

INVALID_CLIENT

The client authentication failed.

500

SERVER_ERROR

There was an internal server error. The requester may retry the request.

503

SERVICE_UNAVAILABLE

The server is temporarily unavailable. The requester must retry later honoring the Retry-After header included in the response. See the HTTP/1.1 specification, section 14.37, for possible formats for the Retry-After value.

After obtaining the token, your application can call the Skill Messaging API to send a message to your skill.